kubernetes worker
#54

Description

Kubernetes is an open-source platform for deploying, scaling, and operations
of application containers across a cluster of hosts. Kubernetes is portable
in that it works with public, private, and hybrid clouds. Extensible through
a pluggable infrastructure. Self healing in that it will automatically
restart and place containers on healthy nodes if a node ever goes away.

Scale out

To add additional compute capacity to your Kubernetes workers, you mayjuju add-unit scale the cluster of applications. They will automatically
join any related kubernetes-master, and enlist themselves as ready once the
deployment is complete.

Operational actions

The kubernetes-worker charm supports the following Operational Actions:

Pause

Pausing the workload enables administrators to both drain and cordon
a unit for maintenance.

Resume

Private registry

With the "registry" action that is part for the kubernetes-worker charm, you can very easily create a private docker registry, with authentication, and available over TLS. Please note that the registry deployed with the action is not HA, and uses storage tied to the kubernetes node where the pod is running. So if the registry pod changes is migrated from one node to another for whatever reason, you will need to re-publish the images.

Example usage

Create the relevant authentication files. Let's say you want user userA to authenticate with the password passwordA. Then you'll do :

Supposing your registry will be reachable at myregistry.company.com, and that you already have your TLS key in the registry.key file, and your TLS certificate (with myregistry.company.com as Common Name) in the registry.crt file, you would then run :

Known Limitations

Kubernetes workers currently only support 'phaux' HA scenarios. Even when configured with an HA cluster string, they will only ever contact the first unit in the cluster map. To enalbe a proper HA story, kubernetes-worker units are encouraged to proxy through a kubeapi-load-balancer
application. This enables a HA deployment without the need to
re-render configuration and disrupt the worker services.

(string)
Allow privileged containers to run on worker nodes. Supported values are
"true", "false", and "auto". If "true", kubelet will run in privileged
mode by default. If "false", kubelet will never run in privileged mode.
If "auto", kubelet will not run in privileged mode by default, but will
switch to privileged mode if gpu hardware is detected.

(string)
Used by the nrpe subordinate charms.
A string that will be prepended to instance name to set the host name
in nagios. So for instance the hostname would be something like:
juju-myservice-0
If you're running multiple environments with the same services in them
this allows you to differentiate between them.